Instagram faces EUR 405 million fine for children’s privacy violations under the GPDR
The Irish Data Protection Commission (DPC) issued a EUR 405 million fine to Instagram for violations of children’s privacy under the EU General Data Protection Regulation (GDPR). The fine is the second-largest GDPR penalty to be issued; it involves allegations derived from Instagram’s default account setting for children aged 13-17 that jeopardized email addresses and phone numbers connected to their accounts. The investigation began in October 2020, and the preliminary decision of the DPC triggered a dispute-resolution mechanism to deal with other EU data protection authorities input on the penalty.
White House and experts to discuss privacy and online safety
US President Joe Biden’s administration members will meet with experts to discuss privacy, online safety, competition, and Big Tech harms. The discussion will concentrate on creating an outline of specific harms from the practices and platform accountability of Big Tech companies. Officials from the Chief of Staff’s Office, the National Economic Council, the Office of Science and Technology Policy, and the National Security Council are expected to join the discussion. Even though President Biden announced strengthening privacy protection and cautioned on the negative aspects of social media on young people’s mental health in his State of the Union address, the administration has concentrated on other legislative priorities.
Kids’ game app in violation of COPPA and CARU’s privacy guidelines
The Better Business Bureau’s (BBB) National Programs’ Children’s Advertising Review Unit (CARU) has found Tilting Point Media, LLC, the owner and operation of SpongeBob: Krusty Cook-Off app, violated the Children’s Online Privacy Protection Act (COPPA). The company also violated CARU’s Self-Regulatory Guidelines for Advertising and Children’s Online Privacy Protection. The guidelines state that companies are not allowed to collect the personal data of users below 13 years old. The reviewers from CARU could access the app by posing as a 10-year-old and found that they could consent to receive personalized advertising. Tilting Point Media has fully cooperated with CARU’s self-regulatory program and has proactively made changes to address the concerns.
Source: Better Business Bureau – National Programs, IAPP
Lawsuit to Maine’s opt-in privacy law pulled back by ISP lobbyists
Lobbyist withdrew their lawsuit against the state of Maine’s opt-in privacy law. The lawsuit was filed in support of broadband internet providers against Maine’s privacy law that required internet service providers (ISP) to secure explicit consent from users before using web browsing data for ad targeting. Industry advocacy groups who brought the lawsuit accused the privacy law of violating the First Amendment by limiting ISPs from collecting and selling user data but allowing online companies that include search engines to collect user data for targeted advertising.